Description

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks. That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem and are guaranteed a positive refcount on the mount in question. Rename the current has_locked_children() to __has_locked_children(), make it static and switch the fs/namespace.c users to it. Make has_locked_children() a wrapper for __has_locked_children(), calling the latter under read_seqlock_excl(&mount_lock).

INFO

Published Date :

2025-07-10T07:42:16.806Z

Last Modified :

2025-09-09T17:06:11.491Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2025-38306 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-38306.

URL Resource
https://git.kernel.org/stable/c/1f282cdc1d219c4a557f7009e81bc792820d9d9a cve-icon cve-icon
https://git.kernel.org/stable/c/287c7d34eedd37af1272dfb3b6e8656f4f026424 cve-icon cve-icon
https://git.kernel.org/stable/c/6482c3dccbfb8d20e2856ce67c75856859930b3f cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025071014-CVE-2025-38306-66ae@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2025-38306 cve-icon
https://www.cve.org/CVERecord?id=CVE-2025-38306 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact